7644 matches found
Linksys Wireless Internet Camera File Disclosure (2004) - Active Check
The Linksys Wireless Internet Camera contains a CGI that allows remote attackers to disclosue sensitive files stored on the server. SPDX-FileCopyrightText: 2004 Noam Rathaus Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...
Telnet Banner Reporting
This scripts reports the received banner of a Telnet service. SPDX-FileCopyrightText: 2005 SecuriTeam SPDX-FileCopyrightText: Reworked, improved and extended detection code and pattern since 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C...
CVE-2004-2508
CVE-2004-2508 is an XSS in Linksys WVC11B Wireless-B Internet Video Camera (vulnerable component: main.cgi, parameter: next_file). OpenVAS entries describe a related CGI that discloses sensitive files on the server, including potential exposure of the root password file contents, indicating a bro...
CVE-2004-2507
The CVE-2004-2507 entry concerns the Linksys WVC11B Wireless-B Internet Video Camera. Affected software: main.cgi. Vulnerability type: absolute path traversal, exploitable via an absolute pathname provided in the next_file parameter. Root cause: improper handling of file paths in main.cgi allows ...
CVE-2004-2508
Cross-site scripting XSS vulnerability in main.cgi in Linksys WVC11B Wireless-B Internet Video Camera allows remote attackers to inject arbitrary web script or HTML via the nextfile parameter...
CVE-2004-2507
Absolute path traversal vulnerability in main.cgi in Linksys WVC11B Wireless-B Internet Video Camera allows remote attackers to read arbitrary files via an absolute pathname in the nextfile parameter...
CVE-2005-2734
Cross-site scripting XSS vulnerability in Gallery 1.5.1-RC2 and earlier allows remote attackers to inject arbitrary web script or HTML via EXIF data, such as the Camera Model Tag...
CVE-2005-2737
Cross-site scripting XSS vulnerability in PhotoPost PHP Pro 5.1 allows remote attackers to inject arbitrary web script or HTML via EXIF data, such as the Camera Model Tag...
CVE-2005-2735
Cross-site scripting XSS vulnerability in phpGraphy 0.9.9a and earlier allows remote attackers to inject arbitrary web script or HTML via EXIF data, such as the Camera Model Tag...
CVE-2005-2735
CVE-2005-2735 describes a cross-site scripting (XSS) vulnerability in phpGraphy 0.9.9a and earlier . The flaw allows remote attackers to inject arbitrary web script or HTML via EXIF data (e.g., Camera Model Tag) . Documented impact indicates that the vulnerability can be triggered through crafted...
CVE-2005-2737
Cross-site scripting XSS vulnerability in PhotoPost PHP Pro 5.1 allows remote attackers to inject arbitrary web script or HTML via EXIF data, such as the Camera Model Tag...
CVE-2004-2427
Axis Network Camera 2.40 and earlier, and Video Server 3.12 and earlier, allows remote attackers to obtain sensitive information via direct requests to 1 admin/getparam.cgi, 2 admin/systemlog.cgi, 3 admin/serverreport.cgi, and 4 admin/paramlist.cgi, modify system information via 5 setparam.cgi an...
CVE-2004-2425
Axis Network Camera 2.40 and earlier, and Video Server 3.12 and earlier, allows remote attackers to execute arbitrary commands via accent and possibly other shell metacharacters in the query string to virtualinput.cgi...
CVE-2004-2427
CVE-2004-2427 affects Axis Network Camera (versions 2.40 and earlier) and Axis Video Server (versions 3.12 and earlier). The vulnerability enables unauthenticated remote access to sensitive information via direct requests to admin/getparam.cgi, admin/systemlog.cgi, admin/serverreport.cgi, and adm...
CVE-2004-2426
Axis Network Camera 2.40 and earlier and Axis Video Server 3.12 and earlier are affected by a directory-traversal vulnerability that lets remote attackers bypass authentication by using a .. sequence in an HTTP POST to ServerManager.srv and then perform privileged actions such as modifying files ...
CVE-2004-2425
CVE-2004-2425 affects Axis Network Camera (2.40 and earlier) and Axis Video Server (3.12 and earlier). The issue allows remote attackers to execute arbitrary OS commands by injecting shell metacharacters (notably the backtick) in the query string to the CGI endpoint virtualinput.cgi. The NVD entr...
CVE-2004-2426
Directory traversal vulnerability in Axis Network Camera 2.40 and earlier, and Video Server 3.12 and earlier, allows remote attackers to bypass authentication via a .. dot dot in an HTTP POST request to ServerManager.srv, then use these privileges to conduct other activities, such as modifying...
CVE-2001-1543
Axis Network Camera models 2120, 2110, 2100, 200+ and 200 are affected by CVE-2001-1543 due to a default administrator password. This root cause allows remote attackers to gain access using the credentials pass. Impact stated across multiple sources is unauthorized access to the camera. No explic...
CVE-2001-1543
Axis network camera 2120, 2110, 2100, 200+ and 200 contains a default administration password "pass", which allows remote attackers to gain access to the camera...
CVE-2005-1422
CVE-2005-1422 affects Raysoft/Raybase Video Cam Server 1.0.0 beta. The vulnerability allows remote attackers to perform administrator operations and trigger a denial of service by sending a direct request to admin.html . The connected documents confirm the affected product and impact but do not p...